package com.lingkang.ztgateway.config.auth;

import lombok.AllArgsConstructor;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.web.server.SecurityWebFilterChain;

@AllArgsConstructor
@Configuration
@EnableWebFluxSecurity
public class ResourceServerConfig {

  private AuthorizationManager authorizationManager;

  @Bean
  public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
    http.authorizeExchange()
//        .pathMatchers(ArrayUtil.toArray(whiteListConfig.getUrls(),String.class)).permitAll()
        .anyExchange().access(authorizationManager)
        .and()
        .exceptionHandling()
//        .accessDeniedHandler(customServerAccessDeniedHandler) // 处理未授权
//        .authenticationEntryPoint(customServerAuthenticationEntryPoint) //处理未认证
        .and().csrf().disable();

    return http.build();
  }
}
